ISO/TS 17574:2017
Electronic fee collection — Guidelines for security protection profiles
ISO/TS 17574:2017 provides guidelines for the preparation and evaluation of security requirements specifications, referred to as Protection Profiles (PP) in ISO/IEC 15408 (all parts) and in ISO/IEC TR 15446. A Protection Profile (PP) is a set of security requirements for a category of products or systems that meet specific needs. A typical example would be a PP for On-Board Equipment (OBE) to be used in an EFC system. However, the guidelines in this document are superseded if a Protection Profile already exists for the subsystem under consideration.
TECHNICAL SPECIFICATION ISO/TS 17574
Third edition 2017-03
Electronic fee collection — Guidelines for security protection profiles
Perception de télépéage — Lignes directrices concernant les profils de protection de la sécurité
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 EFC security architecture and protection profile processes
5.1 General
5.2 EFC security architecture
5.3 Protection profile preparatory steps
5.4 Relationship between actors
6 Outlines of Protection Profile
6.1 Structure
6.2 Context
Annex A (informative) Procedures for preparing documents
Annex B (informative) Example of threat analysis evaluation method
Annex C (informative) Relevant security standards in the context of the EFC
Annex D (informative) Common Criteria Recognition Arrangement (CCRA)
Bibliography
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,
as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the
Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is ISO/TC 204, Intelligent transport systems.
This third edition cancels and replaces the second edition (ISO/TS 17574:2009), which has been
technically revised. This edition includes the following significant changes with respect to the previous
edition:
— Clause 1 has been redrafted and shortened;
— Clause 3 has been updated with harmonized terms;
— requirements have been updated to reflect the latest version of the ISO/IEC 15408 series;
— a new Clause 5 has been added, comprising much of the text from the Scope of the previous
edition.
Introduction
Electronic fee collection (EFC) systems are exposed to several kinds of fraud, committed by users and operators as well as by people outside the system. These security threats have to be met by different types of security measures, including security requirements specifications.
It is recommended that EFC operators or national organizations, e.g. highway authorities or transport ministries, use the guidelines provided by this document to prepare their own EFC protection profile (EFC/PP), since security requirements should be described from the standpoint of the operators and/or the operators' organizations.
It should be noted that this document is of a more informative than normative nature and it is intended
to be read in conjunction with the underlying international standards ISO/IEC 15408 (all parts).
Most of the content of this document is the example in Annex A, which shows how to prepare the security requirements for EFC equipment, in this case a DSRC-based OBE with an IC card loaded with the crucial data needed for EFC. The example refers to a Japanese national EFC system and should be regarded only as an example.
After an EFC/PP is prepared, it can be internationally registered by the organization that prepared the
EFC/PP so that other operators or countries that want to develop their EFC system security services
can refer to an already registered EFC/PP.
This EFC-related document on security service framework and EFC/PP is based on ISO/IEC 15408 (all
parts). ISO/IEC 15408 (all parts) includes a set of requirements for the security functions and assurance
of IT-relevant products and systems. Operators, organizations or authorities defining their own EFC/PP
can use these requirements. This will be similar to the different PPs registered by several financial
institutions, e.g. for payment instruments like IC cards.
Products and systems developed in accordance with ISO/IEC 15408 (all parts) can be publicly assured by certification from the government or from designated private evaluation agencies.
Electronic fee collection — Guidelines for security
protection profiles
1 Scope
This document provides guidelines for preparation and evaluation of security requirements
specifications, referred to as Protection Profiles (PP) in ISO/IEC 15408 (all parts) and in
ISO/IEC TR 15446.
A Protection Profile (PP) is a set of security requirements for a category of products or systems that meet specific needs. A typical example would be a PP for On-Board Equipment (OBE) to be used in an EFC system. However, the guidelines in this document are superseded if a Protection Profile already exists for the subsystem under consideration.
The target of evaluation (TOE) for EFC is limited to EFC specific roles and interfaces as shown in
Figure 1. Since the existing financial security standards and criteria are applicable to other external
roles and interfaces, they are assumed to be outside the scope of TOE for EFC.
Figure 1 — Scope of TOE for EFC
The security evaluation is performed by assessing the security-related properties of roles, entities and
interfaces defined in security targets (STs), as opposed to assessing complete processes which often are
distributed over more entities and interfaces than those covered by the TOE of this document.
NOTE Assessing security issues for complete processes is a complementary approach, which may well be beneficial to apply when evaluating the security of a system.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/obp
3.1
assurance requirement
security requirements to assure confidence in the implementation of functional requirements
3.2
audit
independent review and examination in order to ensure compliance with established policy and
operational procedures and to recommend associated changes
3.3
availability
property of being accessible and usable upon demand by an authorized entity
[SOURCE: ISO/TS 19299:2015, 3.6]
3.4
certification
procedure by which a party gives written assurance that a product, process, or service conforms to
specified requirements
[SOURCE: ISO/TS 14907-1:2015, 3.3]
3.5
confidentiality
prevention of information leakage to non-authenticated individuals, parties, and/or processes
[SOURCE: ISO/TS 19299:2015, 3.11]
3.6
data privacy
rights and obligations of individuals and organizations with respect to the collection, use, retention,
disclosure and disposal of personal information
[SOURCE: ISO/TS 19299:2015, 3.32]
3.7
Evaluation Assurance Level
EAL
set of assurance requirements, usually involving documentation, analysis and testing, representing a
point on a predefined assurance scale, that form an assurance package
3.8
functional requirement
requirement for a function that a system or system component is able to perform
3.9
integrity
property that data have not been altered or destroyed in an unauthorized manner
3.10
international registrar
organization authorized to register protection profiles at an international level
3.11
key management
generation, distribution, storage, application and revocation of encryption keys
3.12
On-Board Equipment
OBE
required equipment on-board a vehicle for performing required EFC functions and communication
services
Note 1 to entry: The OBE does not need to include payment means.
3.13
personalization card
set-up card
IC card to transcribe individual data such as vehicle information into On-Board Equipment
3.14
rationale verification
process determining that a product of each phase of the system lifecycle development process fulfils all
the requirements specified in the previous phase
3.15
reliability
ability of a device or a system to perform its intended function under given conditions of use for a
specified period of time or number of cycles
[SOURCE: ISO/TS 14907-1:2015, 3.17]
3.16
road side equipment
RSE
equipment located along the road, either fixed or mobile
3.17
secure application module
SAM
physical module that securely executes cryptographic functions and stores keys
[SOURCE: ISO/TS 19299:2015, 3.35]
3.18
security policy
set of rules that regulate how to handle security threats or define the appropriate security level
[SOURCE: ISO/TS 19299:2015, 3.36]
3.19
security target
ST
set of security requirements and specifications to be used as the basis for evaluation of an identified TOE
3.20
security threat
potential action or manner to violate the security of a system
3.21
target of evaluation
TOE
set of software, firmware and/or hardware possibly accompanied by guidance
[SOURCE: ISO/IEC 15408-1:2009, 3.1.70]
3.22
threat agent
entity that has the intention to act adversely on an asset
[SOURCE: ISO/TS 19299:2015, 3.40]
3.
...